Re: [UPDATE] www/varnish 5.2.0 -> 5.2.1
On [22/11/17] [02:33P], Stuart Henderson wrote:
; This is the *only* code change in the upstream code. (The only others are
; an additional test, and regen for new version number / commit ids in docs).
;
; diff -uNp -r varnish-5.2.0/bin/varnishd/cache/cache_fetch.c
varnish-5.2.1/bin/varnishd/cache/cache_fetch.c
; --- varnish-5.2.0/bin/varnishd/cache/cache_fetch.cFri Sep 15 12:12:41 2017
; +++ varnish-5.2.1/bin/varnishd/cache/cache_fetch.cTue Nov 14 13:39:35 2017
; @@ -899,6 +899,8 @@ vbf_stp_error(struct worker *wrk, struct busyobj *bo)
; l = ll;
; if (VFP_GetStorage(bo->vfc, , ) != VFP_OK)
; break;
; + if (l > ll)
; + l = ll;
; memcpy(ptr, VSB_data(synth_body) + o, l);
; VFP_Extend(bo->vfc, l);
; ll -= l;
; diff -uNp -r varnish-5.2.0/bin/varnishd/cache/cache_session.c
varnish-5.2.1/bin/varnishd/cache/cache_session.c
; --- varnish-5.2.0/bin/varnishd/cache/cache_session.c Tue Sep 5 15:21:34 2017
; +++ varnish-5.2.1/bin/varnishd/cache/cache_session.c Tue Nov 14 13:39:35 2017
; @@ -289,7 +289,7 @@ HTC_RxStuff(struct http_conn *htc, htc_complete_f *fun
; WRONG("htc_status_e");
;
; tmo = tn - now;
; - if (!isnan(ti) && ti < tn)
; + if (!isnan(ti) && ti < tn && hs == HTC_S_EMPTY)
; tmo = ti - now;
; z = maxbytes - (htc->rxbuf_e - htc->rxbuf_b);
; assert(z >= 0);
;
; OK for this simple port update?
;
; Index: Makefile
; ===
; RCS file: /cvs/ports/www/varnish/Makefile,v
; retrieving revision 1.33
; diff -u -p -r1.33 Makefile
; --- Makefile 18 Sep 2017 14:09:53 - 1.33
; +++ Makefile 22 Nov 2017 14:31:14 -
; @@ -2,7 +2,7 @@
;
; COMMENT =high-performance HTTP accelerator
;
; -DISTNAME = varnish-5.2.0
; +DISTNAME = varnish-5.2.1
;
; CATEGORIES = www
;
; Index: distinfo
; ===
; RCS file: /cvs/ports/www/varnish/distinfo,v
; retrieving revision 1.17
; diff -u -p -r1.17 distinfo
; --- distinfo 18 Sep 2017 14:09:53 - 1.17
; +++ distinfo 22 Nov 2017 14:31:14 -
; @@ -1,2 +1,2 @@
; -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4=
; -SIZE (varnish-5.2.0.tgz) = 2828867
; +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM=
; +SIZE (varnish-5.2.1.tgz) = 2827676
; >
OK gonzalo@
--
Sending from my toaster.
Re: [UPDATE] www/varnish 5.2.0 -> 5.2.1
This is the *only* code change in the upstream code. (The only others are
an additional test, and regen for new version number / commit ids in docs).
diff -uNp -r varnish-5.2.0/bin/varnishd/cache/cache_fetch.c
varnish-5.2.1/bin/varnishd/cache/cache_fetch.c
--- varnish-5.2.0/bin/varnishd/cache/cache_fetch.c Fri Sep 15 12:12:41 2017
+++ varnish-5.2.1/bin/varnishd/cache/cache_fetch.c Tue Nov 14 13:39:35 2017
@@ -899,6 +899,8 @@ vbf_stp_error(struct worker *wrk, struct busyobj *bo)
l = ll;
if (VFP_GetStorage(bo->vfc, , ) != VFP_OK)
break;
+ if (l > ll)
+ l = ll;
memcpy(ptr, VSB_data(synth_body) + o, l);
VFP_Extend(bo->vfc, l);
ll -= l;
diff -uNp -r varnish-5.2.0/bin/varnishd/cache/cache_session.c
varnish-5.2.1/bin/varnishd/cache/cache_session.c
--- varnish-5.2.0/bin/varnishd/cache/cache_session.cTue Sep 5 15:21:34 2017
+++ varnish-5.2.1/bin/varnishd/cache/cache_session.cTue Nov 14 13:39:35 2017
@@ -289,7 +289,7 @@ HTC_RxStuff(struct http_conn *htc, htc_complete_f *fun
WRONG("htc_status_e");
tmo = tn - now;
- if (!isnan(ti) && ti < tn)
+ if (!isnan(ti) && ti < tn && hs == HTC_S_EMPTY)
tmo = ti - now;
z = maxbytes - (htc->rxbuf_e - htc->rxbuf_b);
assert(z >= 0);
OK for this simple port update?
Index: Makefile
===
RCS file: /cvs/ports/www/varnish/Makefile,v
retrieving revision 1.33
diff -u -p -r1.33 Makefile
--- Makefile18 Sep 2017 14:09:53 - 1.33
+++ Makefile22 Nov 2017 14:31:14 -
@@ -2,7 +2,7 @@
COMMENT = high-performance HTTP accelerator
-DISTNAME = varnish-5.2.0
+DISTNAME = varnish-5.2.1
CATEGORIES = www
Index: distinfo
===
RCS file: /cvs/ports/www/varnish/distinfo,v
retrieving revision 1.17
diff -u -p -r1.17 distinfo
--- distinfo18 Sep 2017 14:09:53 - 1.17
+++ distinfo22 Nov 2017 14:31:14 -
@@ -1,2 +1,2 @@
-SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4=
-SIZE (varnish-5.2.0.tgz) = 2828867
+SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM=
+SIZE (varnish-5.2.1.tgz) = 2827676
>
Re: [UPDATE] www/varnish 5.2.0 -> 5.2.1
On [22/11/17] [11:47P], Klemens Nanni wrote:
; On Wed, Nov 15, 2017 at 05:14:11PM +0100, Klemens Nanni wrote:
; > This is a security update[0] fixing a data leak:
; >
; > A wrong if statement in the varnishd source code means that
; > synthetic objects in stevedores which over-allocate, may leak up
; > to page size of data from a malloc(3) memory allocation.
; >
; > In a unpredictable percentage of the cases where this condition
; > arises, a segmentation fault will happen instead.
; >
; > Tests continue to pass:
; >
; > # TOTAL: 636
; > # PASS: 630
; > # SKIP: 5
; > # XFAIL: 0
; > # FAIL: 1
; > # XPASS: 0
; > # ERROR: 0
; >
; > FAIL tests/u0.vtc (exit status: 2)
; >
; > Removed TEST_TARGET=check as it's default. I also replaced cp with
; > ${INSTALL_DATA} post-install and pointed users to 5.2 docs.
; >
; > Since Varnish compiles .vsc files to C using python with 2.7 specific
; > code (import StringIO), I added lang/python and explicity set
; > MODPY_VERSION=2.7.
; >
; > Feedback? Does anyone want to commit this?
; >
; > 0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1
; >
; > diff --git a/www/varnish/Makefile b/www/varnish/Makefile
; > index b0fa5029ab4..5cf58670364 100644
; > --- a/www/varnish/Makefile
; > +++ b/www/varnish/Makefile
; > @@ -2,7 +2,7 @@
; >
; > COMMENT = high-performance HTTP accelerator
; >
; > -DISTNAME = varnish-5.2.0
; > +DISTNAME = varnish-5.2.1
; >
; > CATEGORIES = www
; >
; > @@ -16,12 +16,16 @@ MAINTAINER =Jim Razmus II
\
; > # BSD
; > PERMIT_PACKAGE_CDROM = Yes
; >
; > -MASTER_SITES = https://varnish-cache.org/_downloads/
; > +MASTER_SITES = ${HOMEPAGE}_downloads/
; >
; > EXTRACT_SUFX = .tgz
; >
; > WANTLIB += c execinfo m ncursesw pcre pthread readline termcap
; >
; > +MODULES = lang/python
; > +
; > +MODPY_VERSION =2.7
; > +
; > BUILD_DEPENDS =${MODGNU_AUTOCONF_DEPENDS} \
; > ${MODGNU_AUTOMAKE_DEPENDS} \
; > devel/libtool \
; > @@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre
; > # The internal backtrace implementation fails to build with -Werror on
arm/hppa
; > LIB_DEPENDS += devel/libexecinfo
; >
; > +MODPY_RUNDEP = No
; > +
; > WRKDIST = ${WRKDIR}/${DISTNAME}
; > USE_GMAKE =Yes
; > CONFIGURE_STYLE = gnu
; > @@ -38,7 +44,7 @@ AUTOMAKE_VERSION =1.15
; > CONFIGURE_ENV =CPPFLAGS="-I${LOCALBASE}/include" \
; > LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}"
; >
; > -TEST_TARGET = check
; > +MODPY_ADJ_FILES = lib/lib*/*.py
; >
; > post-patch:
; > cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \
; > @@ -47,7 +53,7 @@ post-patch:
; > post-install:
; > ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish
; > ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish
; > - cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
; > + ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
; > ${PREFIX}/share/examples/varnish
; > rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la}
; >
; > diff --git a/www/varnish/distinfo b/www/varnish/distinfo
; > index f7dc351f783..cdba07a9889 100644
; > --- a/www/varnish/distinfo
; > +++ b/www/varnish/distinfo
; > @@ -1,2 +1,2 @@
; > -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4=
; > -SIZE (varnish-5.2.0.tgz) = 2828867
; > +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM=
; > +SIZE (varnish-5.2.1.tgz) = 2827676
; > diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE
; > index 5f50b1bbf2a..ce02efaef87 100644
; > --- a/www/varnish/pkg/MESSAGE
; > +++ b/www/varnish/pkg/MESSAGE
; > @@ -5,4 +5,4 @@ or the following link for more information:
; >
; > and for further information:
; >
; > - https://www.varnish-cache.org/docs/5.0/
; > + https://www.varnish-cache.org/docs/5.2/
; >
; One week bump, neither of the two maintainers have replied so far.
;
; I can take of the python 2.7 bits in another diff so the next
; revision/release won't depend on 2.7 anymore.
;
A little bit busy right now, but I can test the diff in a couple days.
Thanks.
--
Sending from my toaster.
Re: [UPDATE] www/varnish 5.2.0 -> 5.2.1
On Wed, Nov 22, 2017 at 11:03:51AM +, Stuart Henderson wrote:
> On 2017/11/22 11:47, Klemens Nanni wrote:
> > On Wed, Nov 15, 2017 at 05:14:11PM +0100, Klemens Nanni wrote:
> > > This is a security update[0] fixing a data leak:
> > >
> > > A wrong if statement in the varnishd source code means that
> > > synthetic objects in stevedores which over-allocate, may leak up
> > > to page size of data from a malloc(3) memory allocation.
> > >
> > > In a unpredictable percentage of the cases where this condition
> > > arises, a segmentation fault will happen instead.
> > >
> > > Tests continue to pass:
> > >
> > > # TOTAL: 636
> > > # PASS: 630
> > > # SKIP: 5
> > > # XFAIL: 0
> > > # FAIL: 1
> > > # XPASS: 0
> > > # ERROR: 0
> > >
> > > FAIL tests/u0.vtc (exit status: 2)
> > >
> > > Removed TEST_TARGET=check as it's default. I also replaced cp with
> > > ${INSTALL_DATA} post-install and pointed users to 5.2 docs.
> > >
> > > Since Varnish compiles .vsc files to C using python with 2.7 specific
> > > code (import StringIO), I added lang/python and explicity set
> > > MODPY_VERSION=2.7.
> > >
> > > Feedback? Does anyone want to commit this?
> > >
> > > 0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1
> > >
> > > diff --git a/www/varnish/Makefile b/www/varnish/Makefile
> > > index b0fa5029ab4..5cf58670364 100644
> > > --- a/www/varnish/Makefile
> > > +++ b/www/varnish/Makefile
> > > @@ -2,7 +2,7 @@
> > >
> > > COMMENT =high-performance HTTP accelerator
> > >
> > > -DISTNAME = varnish-5.2.0
> > > +DISTNAME = varnish-5.2.1
> > >
> > > CATEGORIES = www
> > >
> > > @@ -16,12 +16,16 @@ MAINTAINER = Jim Razmus II
> > > \
> > > # BSD
> > > PERMIT_PACKAGE_CDROM = Yes
> > >
> > > -MASTER_SITES = https://varnish-cache.org/_downloads/
> > > +MASTER_SITES = ${HOMEPAGE}_downloads/
>
> We stopped doing that, it's annoying if you want to copy the URL from
> Makefile and open it in a browser.
>
> > > EXTRACT_SUFX = .tgz
> > >
> > > WANTLIB += c execinfo m ncursesw pcre pthread readline termcap
> > >
> > > +MODULES =lang/python
> > > +
> > > +MODPY_VERSION = 2.7
> > > +
> > > BUILD_DEPENDS = ${MODGNU_AUTOCONF_DEPENDS} \
> > > ${MODGNU_AUTOMAKE_DEPENDS} \
> > > devel/libtool \
> > > @@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre
> > > # The internal backtrace implementation fails to build with -Werror on
> > > arm/hppa
> > > LIB_DEPENDS += devel/libexecinfo
> > >
> > > +MODPY_RUNDEP = No
> > > +
> > > WRKDIST =${WRKDIR}/${DISTNAME}
> > > USE_GMAKE = Yes
> > > CONFIGURE_STYLE =gnu
> > > @@ -38,7 +44,7 @@ AUTOMAKE_VERSION = 1.15
> > > CONFIGURE_ENV = CPPFLAGS="-I${LOCALBASE}/include" \
> > > LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}"
> > >
> > > -TEST_TARGET =check
> > > +MODPY_ADJ_FILES =lib/lib*/*.py
> > >
> > > post-patch:
> > > cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \
> > > @@ -47,7 +53,7 @@ post-patch:
> > > post-install:
> > > ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish
> > > ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish
> > > - cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
> > > + ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
> > > ${PREFIX}/share/examples/varnish
> > > rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la}
> > >
> > > diff --git a/www/varnish/distinfo b/www/varnish/distinfo
> > > index f7dc351f783..cdba07a9889 100644
> > > --- a/www/varnish/distinfo
> > > +++ b/www/varnish/distinfo
> > > @@ -1,2 +1,2 @@
> > > -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4=
> > > -SIZE (varnish-5.2.0.tgz) = 2828867
> > > +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM=
> > > +SIZE (varnish-5.2.1.tgz) = 2827676
> > > diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE
> > > index 5f50b1bbf2a..ce02efaef87 100644
> > > --- a/www/varnish/pkg/MESSAGE
> > > +++ b/www/varnish/pkg/MESSAGE
> > > @@ -5,4 +5,4 @@ or the following link for more information:
> > >
> > > and for further information:
> > >
> > > - https://www.varnish-cache.org/docs/5.0/
> > > + https://www.varnish-cache.org/docs/5.2/
> > >
>
> MESSAGE doesn't really add anything. Better to just remove it IMHO.
>
> > One week bump, neither of the two maintainers have replied so far.
> >
> > I can take of the python 2.7 bits in another diff so the next
> > revision/release won't depend on 2.7 anymore.
>
> A word of advice: if you're trying to get what looks like it might be
> a relatively simple security update in quickly, don't make any
> unnecessary Makefile changes on top.
Noted, cheers. Updated diff below.
diff --git a/www/varnish/Makefile
Re: [UPDATE] www/varnish 5.2.0 -> 5.2.1
On 2017/11/22 11:47, Klemens Nanni wrote:
> On Wed, Nov 15, 2017 at 05:14:11PM +0100, Klemens Nanni wrote:
> > This is a security update[0] fixing a data leak:
> >
> > A wrong if statement in the varnishd source code means that
> > synthetic objects in stevedores which over-allocate, may leak up
> > to page size of data from a malloc(3) memory allocation.
> >
> > In a unpredictable percentage of the cases where this condition
> > arises, a segmentation fault will happen instead.
> >
> > Tests continue to pass:
> >
> > # TOTAL: 636
> > # PASS: 630
> > # SKIP: 5
> > # XFAIL: 0
> > # FAIL: 1
> > # XPASS: 0
> > # ERROR: 0
> >
> > FAIL tests/u0.vtc (exit status: 2)
> >
> > Removed TEST_TARGET=check as it's default. I also replaced cp with
> > ${INSTALL_DATA} post-install and pointed users to 5.2 docs.
> >
> > Since Varnish compiles .vsc files to C using python with 2.7 specific
> > code (import StringIO), I added lang/python and explicity set
> > MODPY_VERSION=2.7.
> >
> > Feedback? Does anyone want to commit this?
> >
> > 0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1
> >
> > diff --git a/www/varnish/Makefile b/www/varnish/Makefile
> > index b0fa5029ab4..5cf58670364 100644
> > --- a/www/varnish/Makefile
> > +++ b/www/varnish/Makefile
> > @@ -2,7 +2,7 @@
> >
> > COMMENT = high-performance HTTP accelerator
> >
> > -DISTNAME = varnish-5.2.0
> > +DISTNAME = varnish-5.2.1
> >
> > CATEGORIES = www
> >
> > @@ -16,12 +16,16 @@ MAINTAINER =Jim Razmus II
> > \
> > # BSD
> > PERMIT_PACKAGE_CDROM = Yes
> >
> > -MASTER_SITES = https://varnish-cache.org/_downloads/
> > +MASTER_SITES = ${HOMEPAGE}_downloads/
We stopped doing that, it's annoying if you want to copy the URL from
Makefile and open it in a browser.
> > EXTRACT_SUFX = .tgz
> >
> > WANTLIB += c execinfo m ncursesw pcre pthread readline termcap
> >
> > +MODULES = lang/python
> > +
> > +MODPY_VERSION =2.7
> > +
> > BUILD_DEPENDS =${MODGNU_AUTOCONF_DEPENDS} \
> > ${MODGNU_AUTOMAKE_DEPENDS} \
> > devel/libtool \
> > @@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre
> > # The internal backtrace implementation fails to build with -Werror on
> > arm/hppa
> > LIB_DEPENDS += devel/libexecinfo
> >
> > +MODPY_RUNDEP = No
> > +
> > WRKDIST = ${WRKDIR}/${DISTNAME}
> > USE_GMAKE =Yes
> > CONFIGURE_STYLE = gnu
> > @@ -38,7 +44,7 @@ AUTOMAKE_VERSION =1.15
> > CONFIGURE_ENV =CPPFLAGS="-I${LOCALBASE}/include" \
> > LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}"
> >
> > -TEST_TARGET = check
> > +MODPY_ADJ_FILES = lib/lib*/*.py
> >
> > post-patch:
> > cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \
> > @@ -47,7 +53,7 @@ post-patch:
> > post-install:
> > ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish
> > ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish
> > - cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
> > + ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
> > ${PREFIX}/share/examples/varnish
> > rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la}
> >
> > diff --git a/www/varnish/distinfo b/www/varnish/distinfo
> > index f7dc351f783..cdba07a9889 100644
> > --- a/www/varnish/distinfo
> > +++ b/www/varnish/distinfo
> > @@ -1,2 +1,2 @@
> > -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4=
> > -SIZE (varnish-5.2.0.tgz) = 2828867
> > +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM=
> > +SIZE (varnish-5.2.1.tgz) = 2827676
> > diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE
> > index 5f50b1bbf2a..ce02efaef87 100644
> > --- a/www/varnish/pkg/MESSAGE
> > +++ b/www/varnish/pkg/MESSAGE
> > @@ -5,4 +5,4 @@ or the following link for more information:
> >
> > and for further information:
> >
> > - https://www.varnish-cache.org/docs/5.0/
> > + https://www.varnish-cache.org/docs/5.2/
> >
MESSAGE doesn't really add anything. Better to just remove it IMHO.
> One week bump, neither of the two maintainers have replied so far.
>
> I can take of the python 2.7 bits in another diff so the next
> revision/release won't depend on 2.7 anymore.
A word of advice: if you're trying to get what looks like it might be
a relatively simple security update in quickly, don't make any
unnecessary Makefile changes on top.
Re: [UPDATE] www/varnish 5.2.0 -> 5.2.1
On Wed, Nov 15, 2017 at 05:14:11PM +0100, Klemens Nanni wrote:
> This is a security update[0] fixing a data leak:
>
> A wrong if statement in the varnishd source code means that
> synthetic objects in stevedores which over-allocate, may leak up
> to page size of data from a malloc(3) memory allocation.
>
> In a unpredictable percentage of the cases where this condition
> arises, a segmentation fault will happen instead.
>
> Tests continue to pass:
>
> # TOTAL: 636
> # PASS: 630
> # SKIP: 5
> # XFAIL: 0
> # FAIL: 1
> # XPASS: 0
> # ERROR: 0
>
> FAIL tests/u0.vtc (exit status: 2)
>
> Removed TEST_TARGET=check as it's default. I also replaced cp with
> ${INSTALL_DATA} post-install and pointed users to 5.2 docs.
>
> Since Varnish compiles .vsc files to C using python with 2.7 specific
> code (import StringIO), I added lang/python and explicity set
> MODPY_VERSION=2.7.
>
> Feedback? Does anyone want to commit this?
>
> 0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1
>
> diff --git a/www/varnish/Makefile b/www/varnish/Makefile
> index b0fa5029ab4..5cf58670364 100644
> --- a/www/varnish/Makefile
> +++ b/www/varnish/Makefile
> @@ -2,7 +2,7 @@
>
> COMMENT =high-performance HTTP accelerator
>
> -DISTNAME = varnish-5.2.0
> +DISTNAME = varnish-5.2.1
>
> CATEGORIES = www
>
> @@ -16,12 +16,16 @@ MAINTAINER = Jim Razmus II
> \
> # BSD
> PERMIT_PACKAGE_CDROM = Yes
>
> -MASTER_SITES = https://varnish-cache.org/_downloads/
> +MASTER_SITES = ${HOMEPAGE}_downloads/
>
> EXTRACT_SUFX = .tgz
>
> WANTLIB += c execinfo m ncursesw pcre pthread readline termcap
>
> +MODULES =lang/python
> +
> +MODPY_VERSION = 2.7
> +
> BUILD_DEPENDS = ${MODGNU_AUTOCONF_DEPENDS} \
> ${MODGNU_AUTOMAKE_DEPENDS} \
> devel/libtool \
> @@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre
> # The internal backtrace implementation fails to build with -Werror on
> arm/hppa
> LIB_DEPENDS += devel/libexecinfo
>
> +MODPY_RUNDEP = No
> +
> WRKDIST =${WRKDIR}/${DISTNAME}
> USE_GMAKE = Yes
> CONFIGURE_STYLE =gnu
> @@ -38,7 +44,7 @@ AUTOMAKE_VERSION = 1.15
> CONFIGURE_ENV = CPPFLAGS="-I${LOCALBASE}/include" \
> LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}"
>
> -TEST_TARGET =check
> +MODPY_ADJ_FILES =lib/lib*/*.py
>
> post-patch:
> cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \
> @@ -47,7 +53,7 @@ post-patch:
> post-install:
> ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish
> ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish
> - cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
> + ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
> ${PREFIX}/share/examples/varnish
> rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la}
>
> diff --git a/www/varnish/distinfo b/www/varnish/distinfo
> index f7dc351f783..cdba07a9889 100644
> --- a/www/varnish/distinfo
> +++ b/www/varnish/distinfo
> @@ -1,2 +1,2 @@
> -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4=
> -SIZE (varnish-5.2.0.tgz) = 2828867
> +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM=
> +SIZE (varnish-5.2.1.tgz) = 2827676
> diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE
> index 5f50b1bbf2a..ce02efaef87 100644
> --- a/www/varnish/pkg/MESSAGE
> +++ b/www/varnish/pkg/MESSAGE
> @@ -5,4 +5,4 @@ or the following link for more information:
>
> and for further information:
>
> - https://www.varnish-cache.org/docs/5.0/
> + https://www.varnish-cache.org/docs/5.2/
>
One week bump, neither of the two maintainers have replied so far.
I can take of the python 2.7 bits in another diff so the next
revision/release won't depend on 2.7 anymore.
[UPDATE] www/varnish to 5.2.1
This is a security update[0] fixing a data leak:
A wrong if statement in the varnishd source code means that
synthetic objects in stevedores which over-allocate, may leak up
to page size of data from a malloc(3) memory allocation.
In a unpredictable percentage of the cases where this condition
arises, a segmentation fault will happen instead.
Tests continue to pass as before (full log attached):
# TOTAL: 636
# PASS: 630
# SKIP: 5
# XFAIL: 0
# FAIL: 1
# XPASS: 0
# ERROR: 0
I also removed TEST_TARGET=check as it's the default, used
${INSTALL_DATA} instead of cp in post-install and pointed users to 5.2
instead of 5.0 docs.
Varnish uses python scripts to compile .vsc into C so I added
lang/python with MODPY_VERSION=2.7 explicity since it's importing
StringIO which appearantly became io.StringIO in 3.0 and higher.
Feedback? Does anyone want to commit this?
0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1
diff --git a/www/varnish/Makefile b/www/varnish/Makefile
index b0fa5029ab4..5cf58670364 100644
--- a/www/varnish/Makefile
+++ b/www/varnish/Makefile
@@ -2,7 +2,7 @@
COMMENT = high-performance HTTP accelerator
-DISTNAME = varnish-5.2.0
+DISTNAME = varnish-5.2.1
CATEGORIES = www
@@ -16,12 +16,16 @@ MAINTAINER =Jim Razmus II
\
# BSD
PERMIT_PACKAGE_CDROM = Yes
-MASTER_SITES = https://varnish-cache.org/_downloads/
+MASTER_SITES = ${HOMEPAGE}_downloads/
EXTRACT_SUFX = .tgz
WANTLIB += c execinfo m ncursesw pcre pthread readline termcap
+MODULES = lang/python
+
+MODPY_VERSION =2.7
+
BUILD_DEPENDS =${MODGNU_AUTOCONF_DEPENDS} \
${MODGNU_AUTOMAKE_DEPENDS} \
devel/libtool \
@@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre
# The internal backtrace implementation fails to build with -Werror on arm/hppa
LIB_DEPENDS += devel/libexecinfo
+MODPY_RUNDEP = No
+
WRKDIST = ${WRKDIR}/${DISTNAME}
USE_GMAKE =Yes
CONFIGURE_STYLE = gnu
@@ -38,7 +44,7 @@ AUTOMAKE_VERSION =1.15
CONFIGURE_ENV =CPPFLAGS="-I${LOCALBASE}/include" \
LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}"
-TEST_TARGET = check
+MODPY_ADJ_FILES = lib/lib*/*.py
post-patch:
cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \
@@ -47,7 +53,7 @@ post-patch:
post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish
${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish
- cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
+ ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
${PREFIX}/share/examples/varnish
rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la}
diff --git a/www/varnish/distinfo b/www/varnish/distinfo
index f7dc351f783..cdba07a9889 100644
--- a/www/varnish/distinfo
+++ b/www/varnish/distinfo
@@ -1,2 +1,2 @@
-SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4=
-SIZE (varnish-5.2.0.tgz) = 2828867
+SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM=
+SIZE (varnish-5.2.1.tgz) = 2827676
diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE
index 5f50b1bbf2a..ce02efaef87 100644
--- a/www/varnish/pkg/MESSAGE
+++ b/www/varnish/pkg/MESSAGE
@@ -5,4 +5,4 @@ or the following link for more information:
and for further information:
- https://www.varnish-cache.org/docs/5.0/
+ https://www.varnish-cache.org/docs/5.2/
===
Varnish 5.2.1: bin/varnishtest/test-suite.log
===
# TOTAL: 636
# PASS: 630
# SKIP: 5
# XFAIL: 0
# FAIL: 1
# XPASS: 0
# ERROR: 0
.. contents:: :depth: 2
SKIP: tests/a00014
==
top 0.0 extmacro def
pwd=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1/bin/varnishtest
top 0.0 extmacro def localhost=127.0.0.1
top 0.0 extmacro def bad_backend=127.0.0.1 45991
top 0.0 extmacro def bad_ip=192.0.2.255
top 0.0 extmacro def topbuild=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1
top 0.0 macro def tmpdir=/tmp/vtc.615.05f97f59
*top 0.0 TEST ./tests/a00014.vtc starting
** top 0.0 === varnishtest "Custom feature verification"
*top 0.0 TEST Custom feature verification
** top 0.0 === feature cmd true
** top 0.0 === feature cmd false
*top 0.0 SKIPPING test, lacking feature: false
*top 0.0 RESETTING after ./tests/a00014.vtc
*top 0.0 TEST ./tests/a00014.vtc completed
#top TEST ./tests/a00014.vtc skipped (0.004)
SKIP tests/a00014.vtc (exit status: 77)
SKIP: tests/a02022
==
top 0.0 extmacro def
pwd=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1/bin/varnishtest
top
[UPDATE] www/varnish 5.2.0 -> 5.2.1
This is a security update[0] fixing a data leak:
A wrong if statement in the varnishd source code means that
synthetic objects in stevedores which over-allocate, may leak up
to page size of data from a malloc(3) memory allocation.
In a unpredictable percentage of the cases where this condition
arises, a segmentation fault will happen instead.
Tests continue to pass:
# TOTAL: 636
# PASS: 630
# SKIP: 5
# XFAIL: 0
# FAIL: 1
# XPASS: 0
# ERROR: 0
FAIL tests/u0.vtc (exit status: 2)
Removed TEST_TARGET=check as it's default. I also replaced cp with
${INSTALL_DATA} post-install and pointed users to 5.2 docs.
Since Varnish compiles .vsc files to C using python with 2.7 specific
code (import StringIO), I added lang/python and explicity set
MODPY_VERSION=2.7.
Feedback? Does anyone want to commit this?
0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1
diff --git a/www/varnish/Makefile b/www/varnish/Makefile
index b0fa5029ab4..5cf58670364 100644
--- a/www/varnish/Makefile
+++ b/www/varnish/Makefile
@@ -2,7 +2,7 @@
COMMENT = high-performance HTTP accelerator
-DISTNAME = varnish-5.2.0
+DISTNAME = varnish-5.2.1
CATEGORIES = www
@@ -16,12 +16,16 @@ MAINTAINER =Jim Razmus II
\
# BSD
PERMIT_PACKAGE_CDROM = Yes
-MASTER_SITES = https://varnish-cache.org/_downloads/
+MASTER_SITES = ${HOMEPAGE}_downloads/
EXTRACT_SUFX = .tgz
WANTLIB += c execinfo m ncursesw pcre pthread readline termcap
+MODULES = lang/python
+
+MODPY_VERSION =2.7
+
BUILD_DEPENDS =${MODGNU_AUTOCONF_DEPENDS} \
${MODGNU_AUTOMAKE_DEPENDS} \
devel/libtool \
@@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre
# The internal backtrace implementation fails to build with -Werror on arm/hppa
LIB_DEPENDS += devel/libexecinfo
+MODPY_RUNDEP = No
+
WRKDIST = ${WRKDIR}/${DISTNAME}
USE_GMAKE =Yes
CONFIGURE_STYLE = gnu
@@ -38,7 +44,7 @@ AUTOMAKE_VERSION =1.15
CONFIGURE_ENV =CPPFLAGS="-I${LOCALBASE}/include" \
LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}"
-TEST_TARGET = check
+MODPY_ADJ_FILES = lib/lib*/*.py
post-patch:
cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \
@@ -47,7 +53,7 @@ post-patch:
post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish
${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish
- cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
+ ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
${PREFIX}/share/examples/varnish
rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la}
diff --git a/www/varnish/distinfo b/www/varnish/distinfo
index f7dc351f783..cdba07a9889 100644
--- a/www/varnish/distinfo
+++ b/www/varnish/distinfo
@@ -1,2 +1,2 @@
-SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4=
-SIZE (varnish-5.2.0.tgz) = 2828867
+SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM=
+SIZE (varnish-5.2.1.tgz) = 2827676
diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE
index 5f50b1bbf2a..ce02efaef87 100644
--- a/www/varnish/pkg/MESSAGE
+++ b/www/varnish/pkg/MESSAGE
@@ -5,4 +5,4 @@ or the following link for more information:
and for further information:
- https://www.varnish-cache.org/docs/5.0/
+ https://www.varnish-cache.org/docs/5.2/
